How do you protect your law firm against cyber crime?

According to figures published by the Office for National Statistics, one in ten adults in… Read more

According to figures published by the Office for National Statistics, one in ten adults in England and Wales were a victim of cyber crime in the year to July 2016, which amounts to more than 5.8m incidents (much higher than the October 2015 ONS estimate of 3.8m).

Despite an estimated 93 per cent of small firms taking steps to protect themselves from online threats, two thirds have been the victim of cyber crime in the past two years. During that time, on average, those affected have been hit four times, costing each business a total of £3,000, says the FSB.

The most common types of cyber crime affecting small businesses in the UK are phishing emails (49%), spear phishing emails (37%) and malware attacks (29%). The FSB believes cyber crime costs small firms disproportionately more when compared to large companies. Small firms also need to improve their cyber safety measures, it says, for example, only a quarter have a strict password policy, while just 4 per cent have a written action plan of what to do should they suffer a cyber attack.

Cyber crime damage

In its recent report, Cyber Crime Assessment 2016, the UK’s National Crime Agency summarised the damage companies can suffer in the wake of a cyber attack. It can include “substantial loss of revenue, valuable data and other company assets. The impact of litigation costs (and, with the arrival of new regulations, potential fines), the loss of confidence from reputational damage and possible executive-level dismissals could also result in immediate and material loss of shareholder value”.

It also believes that “the accelerating pace of technology and criminal cyber capability development currently outpaces the UK’s collective response to cyber crime”. In other words, the problem is getting harder to combat. It is calling for government, law enforcement, industry regulators and businesses to join together to fight cyber crime.

Although the most serious threat comes from well-organised international crime groups, it says, most cyber criminals have limited technical capability. However, it warns that cyber crime is growing fast and evolving quickly, “becoming both more aggressive and technically proficient”.